ThousandMind

Privacy Policy

Zhongpeng Technology strictly complies with the EU GDPR, U.S. CCPA, data protection regulations in Southeast Asia, and Chinese privacy standards. We commit to “collecting only what is necessary, ensuring full-process security, and clearly informing rights” to safeguard your personal information rights and interests.

1. Applicable Entities and Scenarios

  • We/Us: Shenzhen Zhongpeng Technology Co., Ltd. (referred to as “Zhongpeng Technology”).
  • You: Individual customers and contact persons of corporate customers who cooperate with us through overseas official websites, emails, QQ, WhatsApp and other channels.
  • Applicable Scenarios: All business interactions including product procurement, order processing, logistics and distribution, and after-sales support.

2. Personal Information We Collect

We only collect information necessary for business operations without redundant collection. All data is obtained from your active provision or necessary business cooperation links.

1. Mandatory Information (Cooperation Cannot Be Completed Without Such Information)

  • Identity Information: Name, position, and affiliated company name (for corporate customer contacts) — used to confirm the cooperative entity.
  • Contact Information: Mobile phone number, email (official contact: [email protected]), WhatsApp account, QQ (official contact: 791343957) — used for business communication and notifications.
  • Transaction Information: Purchased product model/quantity, payment records, delivery address and recipient information — used for order fulfillment and logistics distribution.

2. Information Collected with Third-Party Assistance (Optional)

Cooperating third parties only obtain necessary information and strictly maintain confidentiality, including:

  • Payment Service Providers (e.g., PayPal): Transaction verification information (excluding complete bank card numbers) — to ensure cross-border payment security.
  • Logistics Service Providers (e.g., DHL, FedEx): Delivery information — used for shipment tracking and delivery notifications.
  • Official Website Analytics Tools (e.g., Google Analytics): Anonymous access data (device model, page browsing records, not linked to personal identity) — to optimize website experience.

3. Sensitive Information Processing (Special Reminder)

If bank card information needs to be provided: It will be processed locally with AES-256 encryption. Only necessary verification information will be transmitted to payment institutions, and complete card numbers will not be stored. If biometric information is required (for identity verification): It will only be stored locally and not transmitted to any third party, and you may request deletion at any time.

3. Purposes of Information Use

Collected information is only used for the following purposes. For use beyond these scopes, your explicit consent will be obtained in advance:

  1. Providing Core Services: Responding to inquiries, product selection, order processing, logistics arrangement, and after-sales support.
  2. Synchronizing Key Information: Informing you of order progress, logistics status, product notifications, and policy updates.
  3. Ensuring Transaction Security: Identifying fraud risks, verifying payment legality, and protecting the rights and interests of both parties.
  4. Optimizing Service Experience: Adjusting product supply and service processes based on anonymous data statistics of customer needs.
  5. Complying with Regulatory Requirements: Retaining necessary transaction records to meet import and export, tax, and customs regulations of various countries.

4. Information Storage and Security Assurance

1. Storage Details

  • Storage Location: Mainly stored on Alibaba Cloud servers in China; some overseas customer information is backed up on AWS Singapore servers (compliant with cross-border data transfer regulations).
  • Storage Duration: During the cooperation period + 3 years. After the expiration, information will be completely deleted through irreversible methods such as data overwriting and physical destruction (unless otherwise required by laws and regulations).

2. Security Protection Measures

We have established an ISO 27001 standard information security management system, with multiple protections to ensure information security:

  • Data Encryption: AES-256 encryption is adopted throughout the storage and transmission process to prevent unauthorized access.
  • Permission Control: Only necessary employees are authorized to access information, with regular confidentiality training and background checks.
  • Regular Audits: Independent third-party institutions conduct security audits every six months to identify and fix vulnerabilities.
  • Emergency Response: In case of data leakage, we will notify you through the reserved contact method within 72 hours, and report to regulatory authorities and take remedial measures.

5. Information Sharing and Cross-Border Transfer

1. Information Sharing Rules

In principle, we will not share your information with third parties, and only share it in a limited manner under the following legal scenarios:

  • Third Parties Explicitly Authorized by You (e.g., consignees): The scope of sharing is limited to the authorized purpose.
  • Necessary Business Partners (payment, logistics): Only the minimum information required to complete the service is provided, and a data protection agreement is signed.
  • Legal and Regulatory Requirements: Providing information within the legal scope in accordance with court judgments, regulatory orders, etc.

2. Compliance with Cross-Border Transfer

  • Regions with “Adequacy Decision” (EU, Southeast Asia, etc.): Direct compliant transfer.
  • Other Regions: Legality is guaranteed through EU Standard Contractual Clauses (SCCs).
  • All Transfers: Information is encrypted, and you will be informed of the transfer destination and purpose in advance. You may withdraw consent at any time.

3. Special Note on U.S. CCPA (For California Users)

Pursuant to CCPA, “sale” refers to the disclosure of your personal information to third parties for valuable consideration. We will not sell your personal information. If future business adjustments involve relevant behaviors, we will notify you in advance and obtain your explicit consent.

6. Your Core Rights

We guarantee your legal exercise of rights and provide convenient channels, as follows:

Type of RightSpecific ContentExercise Method
Right of AccessInquiring about the stored content, usage and sharing records of your informationEmail to [email protected], response within 3 working days
Right of CorrectionModifying incorrect/incomplete information (e.g., contact information, address)Apply via QQ/Email/Phone (+86 755-83211027)
Right to ErasureRequesting deletion of unnecessary information or revoking consent for information processingSubmit a written application to customer service, completion of erasure within 15 days
Right to Withdraw ConsentWithdrawing consent for information processing (without affecting the validity of previous compliant processing)Notify via email/phone, we will stop relevant processing immediately
Right to Opt-Out of Sale (California Users)Refusing the sale of your information to third partiesEmail to [email protected] with the note “Opt-Out of Information Sale”, confirmation within 2 working days
Right to Non-Discrimination (California Users)Not being subject to discriminatory treatment when exercising rightsFile a complaint through official channels if discriminated against

Note: After receiving your application, we will first conduct necessary identity verification. Upon successful verification, we will respond within the above time limit; if the application cannot be satisfied, we will explain the reasons within 3 working days.

7. Policy Updates and Notifications

  • Update Notification: Push notifications through official website pop-ups, your reserved email/mobile phone, and official QQ.
  • Material Changes: Expanding the scope of information collection, changing the purpose of use, etc., will require re-obtaining your explicit consent.
  • Record Retention: All update notification records are retained for 3 years and can be inquired by contacting customer service.

8. Contact Us

If you have questions, need to exercise your rights or file a complaint, you can contact the privacy protection officer through the following methods:

  • Official Email: [email protected] (response within 24 hours)
  • Official QQ: 791343957 (Working Hours: 9:00-18:00 Beijing Time)
  • Contact Phone: +86 755-83211027 (Working Hours: 9:00-18:00 Beijing Time)
  • Fax: +86 755 83213475
  • Company Address: Room 4203, Tower A, Xintian Century Business Center, No. 2 North Shixia Street, Futian District, Shenzhen City, China
  • Company Website: http://www.zp-sz.com